New Trojan Infiltrates Korean Organization

Security researchers have encountered a new, particularly small in size Trojan, targeting an undisclosed Korean organization.

The malicious file is enclosed in an RTF document that purports to be an invitation directed at the organization’s employees, for a free car checkup.

The text document is written in Korean and is circulated internally and leverages an old vulnerability (CVE-2012-0158) exploiting ActiveX controls in Windows Common Controls, researchers at Symantec have found.